[Ewrt-devel] Re: pppoe

Thu May 6 13:56:08 PDT 2004

Hi Thomas!

On Thu, 2004-05-06 at 05:12, Thomas Arden wrote:
> Hi Irving,
> I have tested three firmwares: 
> Sveasoft Satori_v2_2.00.8.7sv-pre3
> Firmware_Satori-pre3_6G
> ewrt-0.2-beta1.bin
> 

Unfortunately, we don't have access to the non-free Sveasoft firmware.  
Our distribution is based on Sveasoft 2.00.8.6sv (Samadhi2) with some
fixes from Satori-pre1.  

Can you reproduce your issues with Samadhi2, Satori-pre1 or the latest
Linksys code?

> Settings:
> Standard configuration, no changes in iptables.
> MTU Size 1492, DHCP is on, boot wait is on,
> TFtp is on, NTP client enable
> all other settings are standard.
> DSL Modem is a Lucent CellPipe 20 Series
> this are all informations, i have at the moment.
> 

So you're running PPPOE over ADSL and you have a non-standard MTU size? 
My only guess as to why some websites don't work and others do is
because Path MTU discovery is broken.  This could also be an iptables
thing.  If you do an "iptables -n -vL" do you see something about tcpmss
in the FORWARD chain?
Linksys code is supposed to setup MSS if PPPoE is on and the MTU is
changed.  but the iptables tutorial does things differently.  not sure
what is correct here.

I can't tell you what has specifically changed in Sveasoft since James
stopped releasing his code, but if you find a fix I'd consider including
it.  We don't have any PPPOE/ADSL sites to test ourselves.

good luck,

-- 
Irving Popovetsky               Information Security Consultant
ProStructure Consulting             http://www.prostructure.com
Network and Security Consulting           phone: (503) 288-1566

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://portless.net/pipermail/ewrt-devel/attachments/20040506/de553726/attachment.bin